Another case is you e-mail account is compromised, and DKIM/DMARC are
helpless again.
Actually, you probably do not need to spoof the e-mail address and can
attack with random From:, because message is decoded regardless of
address in the From: and this attack does not require sender's signature
> On May 18, 2018, at 7:09 AM, Vladimir Dubrovin wrote:
>
>
> EFAIL exploitation requires MitM conditions. Neither DKIM nor DMARC protect
> against attacker able to perform MitM.
>
It just requires the attacker to have a copy of the encrypted mail. Passive
mitm is one approach to that, but
EFAIL exploitation requires MitM conditions. Neither DKIM nor DMARC
protect against attacker able to perform MitM.
15.05.2018 17:15, Kurt Andersen пишет:
> Manipulating MIME structures in email messages to expose the encrypted
> content: https://efail.de/
>
> --Kurt
>
>
> ___
On 05/15/2018 10:46 AM, Kurt Andersen (b) wrote:
People who run their GUI MUA to auto-decrypt and display undefanged HTML
probably also run that client as root so the exploit is really quite a
lot more risky than even the hype has made out.
I doubt that.
I'm sure that some of the people that
On 05/15/2018 10:33 AM, Paul Rock wrote:
You're tapping next next next in your email client, the client loads my
message, sends me the decrypted text, and you scratch your head
wondering why you got two copies of the message.
The recipient shouldn't see the second copy of the decrypted message
On Tue, May 15, 2018 at 9:37 AM, Grant Taylor <
gtaylor=40tnetconsulting@dmarc.ietf.org> wrote:
> On 05/15/2018 10:09 AM, John Levine wrote:
>
>> I suppose, for the 10 seconds from the time the message is created until
>> the attacker's MTA signs it on the way out. The bad guy can put a retur
On 05/15/2018 10:09 AM, John Levine wrote:
I suppose, for the 10 seconds from the time the message is created until
the attacker's MTA signs it on the way out. The bad guy can put a return
address he controls on the malicious message and make the whole thing
DMARC compliant.
There is a much
If someone tries some sort of man in the middle inline injection attack to
pull this off, sure, I can see DKIM catching that. But the really really
nasty bit is the assumption is that you (the target) are running an email
client that automatically decrypts any inbound message and render's the
HTML
In article <66d513ca-f33d-748b-e394-bceb6e1da...@spamtrap.tnetconsulting.net>
you write:
>-=-=-=-=-=-
>
>On 05/15/2018 08:15 AM, Kurt Andersen wrote:
>> Manipulating MIME structures in email messages to expose the encrypted
>> content: https://efail.de/
>
>DKIM will not help protect against #Efai
On 05/15/2018 08:15 AM, Kurt Andersen wrote:
Manipulating MIME structures in email messages to expose the encrypted
content: https://efail.de/
DKIM will not help protect against #Efail.
Efail works by copying ciphertext into a new message and arranging for
the client to decrypt it. Said new
> On May 15, 2018, at 7:15 AM, Kurt Andersen wrote:
>
> Manipulating MIME structures in email messages to expose the encrypted
> content: https://efail.de/
While I'd agree that the whole efail thing is a little over-hyped, I don't see
where in the exploit
process having DKIM or DMARC would he
Manipulating MIME structures in email messages to expose the encrypted
content: https://efail.de/
--Kurt
___
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
12 matches
Mail list logo
